UpGuard is excited to announce the latest addition to our Vendor Risk Questionnaire Library: the DORA (Digital Operational Resilience Act) questionnaire! The addition of DORA to the Questionnaire Library reflects UpGuard’s ongoing commitment to providing our customers with the necessary tools to navigate today’s evolving regulatory standards.
This latest questionnaire enables UpGuard Vendor Risk customers to effortlessly assess their third-party adherence to DORA’s requirements, simplifying the entire process and saving time and resources. By simplifying the compliance process, our customers can focus on what matters most—managing risks and building resilience.
With the new DORA questionnaire, Vendor Risk customers can:
- Ensure their vendors meet the full spectrum of regulatory requirements for ICT risk management, reporting, and resilience under the DORA framework.
- Proactively identify and address compliance gaps in their vendor ecosystem to enhance operational resilience and avoid business disruptions.
- Streamline vendor assessments with automated workflows, where risks are automatically identified based on vendor responses, reducing manual analysis time, and improving executive decision-making with actionable insights.
- Standardize risk information collection with always up-to-date, ready-to-deploy questionnaires, ensuring adherence to evolving regulatory standards and mitigating the risk of non-compliance.
Learn more about UpGuard's DORA questionnaire >
The DORA questionnaire adds to UpGuard’s extensive and growing library of over 30 pre-built templates, covering key regulations, industry standards, and common frameworks to meet evolving compliance needs. Most importantly, these questionnaires are available at no additional cost to all Vendor Risk customers, ensuring they have complete access to the tools they need to stay compliant and manage their vendor risks effectively.
What is DORA?
DORA (Digital Operational Resilience Act) is the latest regulation introduced by the European Union (EU) designed to bolster the cybersecurity and operational resilience of the financial sector. DORA establishes a comprehensive framework for managing information and communication technology (ICT) risks within financial entities and their critical third-party service providers. DORA focuses on ensuring that the financial sector can withstand, respond to, and recover from ICT-related disruptions and cyber threats.
Beginning January 17, 2025, DORA will come into full effect, impacting all financial sector entities, including:
- Banks
- Insurance companies
- Investment firms
- Lending firms
- Payment and credit institutions
- Crypto asset service providers
- Other financial providers
Next steps
To access the new DORA questionnaire, customers can log in to the UpGuard portal and find the Questionnaire Library in the Vendor Risk module. The DORA questionnaire will be listed under the Questionnaire Library tab in the Questionnaires section.